malach-it / boruta_auth

A yet complex but OpenID™ certified OAuth / OpenID Connect provider core
MIT License
53 stars 10 forks source link

downloads continuous integration coverage Status

Logo

Boruta OAuth/OpenID Connect provider core

Boruta is the core of an OAuth 2.0 and OpenID Connect provider implementing according business rules. This library also provides a generator to create phoenix controllers, views and templates to have a basic provider up and running.

As it, a provider implemented using Boruta aim to follow RFCs:

And specification from OpenID Foundation:

This package is meant to help to bring authorization into Elixir applications. With it, you can perform part or all of authorization code, implicit, hybrid, client credentials, or resource owner password credentials grants flows. It also helps introspecting and revoking tokens.

Documentation

Master branch documentation can be found here

Stable documentation is hosted on hexdocs.pm

Integration example

An example of integration can be found here, it followed the integration steps described in below guides section.

OpenID Certification

This package has successfully passed basic, implicit and hybrid OpenID Profiles certifications as of May 7th, 2022 for its version 2.1.2. This certification was performed with the above sample server.

OpenID Certification watermark

Guides

Here are some guides helping the integration of OAuth/OpenID Connect in your systems:

Feedback

It is a work in progress, all feedbacks / feature requests / improvements are welcome

Code of Conduct

This product community follows the code of conduct available here

License

This code is released under the MIT license.